Using Context and Interactions to Verify User-Intended Network Requests

Client-side malware can attack users by tampering with applications or user interfaces to generate requests that users did not intend. We propose Verified Intention (VInt), which ensures a network request, as received by a service, is user-intended. VInt is based on "seeing what the user sees" (context). VInt screenshots the user interface as the user interacts with a security-sensitive form. There are two main components. First, VInt ensures output integrity and authenticity by validating the context, ensuring the user sees correctly rendered information. Second, VInt extracts user-intended inputs from the on-screen user-provided inputs, with the assumption that a human user checks what they entered. Using the user-intended inputs, VInt deems a request to be user-intended if the request is generated properly from the user-intended inputs while the user is shown the correct information. VInt is implemented using image analysis and Optical Character Recognition (OCR). Our evaluation shows that VInt is accurate and efficient

Reactive attestation : automatic detection and reaction to software tampering attacks

Anti-tampering is a form of software protection conceived to detect and avoid the execution of tampered programs. tamper detection assesses programs’ integrity with load- or execution-time checks. Avoidance reacts to tampered programs by stopping or rendering them unusable. General purpose reactions (such as halting the execution) stand out like a lighthouse in the code and are quite easy to defeat by an attacker. More sophisticated reactions, which degrade the user experience or the quality of service, are less easy to locate and remove but are too tangled with the program’s business logic, and are thus difficult to automate by a general purpose protection tool. In the present paper, we propose a novel approach to antitampering that (i) fully automatically applies to a target program, (ii) uses Remote Attestation for detection purposes and (iii) adopts a server-side reaction that is difficult to block by an attacker. By means of Client/Server Code Splitting, a crucial part of the program is removed from the client and executed on a remote trusted server in sync with the client. If a client program provides evidences of its integrity, the part moved to the server is executed. Otherwise, a server-side reaction logic may (temporarily or definitely) decide to stop serving it. Therefore, a tampered client application can not continue its execution. We assessed our automatic protection tool on a case study Android application. Experimental results show that all the original and tampered executions are correctly detected, reactions are promptly applied, and execution overhead is on an acceptable level

Efficient Security and Authentication for Edge-Based Internet of Medical Things

Internet of Medical Things (IoMT)-driven smart health and emotional care is revolutionizing the healthcare industry by embracing several technologies related to multimodal physiological data collection, communication, intelligent automation, and efficient manufacturing. The authentication and secure exchange of electronic health records (EHRs), comprising of patient data collected using wearable sensors and laboratory investigations, is of paramount importance. In this article, we present a novel high payload and reversible EHR embedding framework to secure the patient information successfully and authenticate the received content. The proposed approach is based on novel left data mapping (LDM), pixel repetition method (PRM), RC4 encryption, and checksum computation. The input image of size $M imes N$ is upscaled by using PRM that guarantees reversibility with lesser computational complexity. The binary secret data are encrypted using the RC4 encryption algorithm and then the encrypted data are grouped into 3-bit chunks and converted into decimal equivalents. Before embedding, these decimal digits are encoded by LDM. To embed the shifted data, the cover image is divided into $2 imes 2$ blocks and then in each block, two digits are embedded into the counter diagonal pixels. For tamper detection and localization, a checksum digit computed from the block is embedded into one of the main diagonal pixels. A fragile logo is embedded into the cover images in addition to EHR to facilitate early tamper detection. The average peak signal to noise ratio (PSNR) of the stego-images obtained is 41.95 dB for a very high embedding capacity of 2.25 bits per pixel. Furthermore, the embedding time is less than 0.2 s. Experimental results reveal that our approach outperforms many state-of-the-art techniques in terms of payload, imperceptibility, computational complexity, and capability to detect and localize tamper. All the attributes affirm that the proposed scheme is a potential candidate for providing better security and authentication solutions for IoMT-based smart health

A novel multipurpose watermarking scheme capable of protecting and authenticating images with tamper detection and localisation abilities

Technologies that fall under the umbrella of Industry 4.0 can be classified into one of its four significant components: cyber-physical systems, the internet of things (IoT), on-demand availability of computer system resources, and cognitive computing. The success of this industrial revolution lies in how well these components can communicate with each other, and work together in finding the most optimised solution for an assigned task. It is achieved by sharing data collected from a network of sensors. This data is communicated via images, videos, and a variety of other signals, attracting unwanted attention of hackers. The protection of such data is therefore pivotal, as is maintaining its integrity. To this end, this paper proposes a novel image watermarking scheme with potential applications in Industry 4.0. The strategy presented is multipurpose; one such purpose is authenticating the transmitted image, another is curtailing the illegal distribution of the image by providing copyright protection. To this end, two new watermarking methods are introduced, one of which is for embedding the robust watermark, and the other is related to the fragile watermark. The robust watermark's embedding is achieved in the frequency domain, wherein the frequency coefficients are selected using a novel mean-based coefficient selection procedure. Subsequently, the selected coefficients are manipulated in equal proportion to embed the robust watermark. The fragile watermark's embedding is achieved in the spatial domain, wherein self-generated fragile watermark(s) is embedded by directly altering the pixel bits of the host image. The effective combination of two domains results in a hybrid scheme and attains the vital balance between the watermarking requirements of imperceptibility, security and capacity. Moreover, in the case of tampering, the proposed scheme not only authenticates and provides copyright protection to images but can also detect tampering and localise the tampered regions. An extensive evaluation of the proposed scheme on typical images has proven its superiority over existing state-of-the-art methods

Secure and Robust Fragile Watermarking Scheme for Medical Images

Over the past decade advances in computer-based communication and health services, the need for image security becomes urgent to address the requirements of both safety and non-safety in medical applications. This paper proposes a new fragile watermarking based scheme for image authentication and self-recovery for medical applications. The proposed scheme locates image tampering as well as recovers the original image. A host image is broken into 4×4 blocks and Singular Value Decomposition (SVD) is applied by inserting the traces of block wise SVD into the Least Significant Bit (LSB) of the image pixels to figure out the transformation in the original image. Two authentication bits namely block authentication and self-recovery bits were used to survive the vector quantization attack. The insertion of self-recovery bits is determined with Arnold transformation, which recovers the original image even after a high tampering rate. SVD-based watermarking information improves the image authentication and provides a way to detect different attacked area. The proposed scheme is tested against different types of attacks such are text removal attack, text insertion attack, and copy and paste attack